----- Original Message ----- From: "Peter M. Goldstein" <[EMAIL PROTECTED]> > i) Current solution is broken, not only implementation-wise but also > design/architecture
That is why I am agreeing with you to replace it. > > ii) Correctly designing a pluggable, flexible, correct > authentication/authorization mechanism is highly non-trivial. It It may not be the best mechanism, but AuthServiceFactory fixes the problem you found and it is better than coupling auth stuff inside handler. > We do not have the time to do this properly without pushing out the > release. I'll make sure AuthService issue is corrected before release. The change delta will be smaller with AuthServiceFactory from current codebase. We have so far talked about what should not be. Let us talk about what should be the right way. ideas... thanks, Harmeet -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
